Home page logo

bugtraq logo Bugtraq mailing list archives

Re: ssh-1.2.27 exploit
From: core.lists.bugtraq () CORE-SDI COM (IvŠn Arce)
Date: Mon, 13 Dec 1999 22:03:15 -0300

Jarek Kutylowski wrote:

I have now worked on the ssh-1.2.27 rsaref buffer overflow and consider
ssh now as quite immune. It is of course possible to crash sshd, but
a real attack is, in my opinion, impossible.


We have a working exploit against Linux and OpenBSD, we are waiting for
CERT to publish their advisory.
As soon as that happens, or before if its taking too long, we'll publish the
Since the problem is not being actively exploited (as far as we know), there
didnt seem to be a reason to post the exploit code with our advisory.


"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house,
 It's nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce

==================[ CORE Seguridad de la Informacion S.A. ]=========
Iv√°n Arce
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
email: iarce () core-sdi com
Pte. Juan D. Peron 315 Piso 4 UF 17
1038 Capital Federal
Buenos Aires, Argentina.              Tel/Fax : +(54-11) 4331-5402
Casilla de Correos 877 (1000) Correo Central

--- For a personal reply use iarce () core-sdi com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]